Esempio n. 1
0
		private EventResult(DicomEventResult result)
		{
			_result = result;
		}
Esempio n. 2
0
 /// <summary>
 /// Generates a "User Authentication" login event in the audit log, according to DICOM Supplement 95,
 /// and a "Security Alert" event if the operation failed.
 /// </summary>
 /// <param name="username">The username or asserted username of the account that was logged in.</param>
 /// <param name="eventResult">The result of the operation.</param>
 public static void LogLogin(string username, EventResult eventResult)
 {
     LogLogin(username, null, eventResult);
 }
Esempio n. 3
0
 private EventResult(DicomEventResult result)
 {
     _result = result;
 }
Esempio n. 4
0
        /// <summary>
        /// Generates a "Dicom Study Deleted" event in the audit log, according to DICOM Supplement 95.
        /// </summary>
        /// <remarks>
        /// This method automatically separates different patients into separately logged events, as required by DICOM.
        /// </remarks>
        /// <param name="aeTitle">The application entity from which the instances were deleted.</param>
        /// <param name="instances">The studies that were deleted.</param>
        /// <param name="eventSource">The source user or application entity which invoked the operation.</param>
        /// <param name="eventResult">The result of the operation.</param>
        public static void LogDeleteStudies(string aeTitle, AuditedInstances instances, EventSource eventSource, EventResult eventResult)
        {
            if (!AuditingEnabled)
            {
                return;
            }

            try
            {
                foreach (var patient in instances.EnumeratePatients())
                {
                    var auditHelper = new DicomStudyDeletedAuditHelper(eventSource, eventResult);
                    auditHelper.AddUserParticipant(eventSource);
                    auditHelper.AddUserParticipant(new AuditProcessActiveParticipant(aeTitle));
                    auditHelper.AddPatientParticipantObject(patient);
                    foreach (var study in instances.EnumerateStudies(patient))
                    {
                        auditHelper.AddStudyParticipantObject(study);
                    }
                    Log(auditHelper);
                }
            }
            catch (Exception ex)
            {
                Platform.Log(LogLevel.Warn, ex, _messageAuditFailed);
            }
        }
Esempio n. 5
0
        /// <summary>
        /// Generates a "Dicom Instances Accessed" update event in the audit log (with ActionCode of Delete), according to DICOM Supplement 95.
        /// </summary>
        /// <remarks>
        /// This method automatically separates different patients into separately logged events, as required by DICOM.
        ///
        /// We chose to impleemnt the DicomInstancesAccessed audit log, as opposed to the DicomStudyDeleted audit message because the whole
        /// study isn't being deleted, just a series.
        /// </remarks>
        /// <param name="aeTitles">The application entities from which the instances were accessed.</param>
        /// <param name="instances">The studies that the series belong that are being deleted.</param>
        /// <param name="eventSource">The source user or application entity which invoked the operation.</param>
        /// <param name="eventResult">The result of the operation.</param>
        public static void LogDeleteSeries(IEnumerable <string> aeTitles, AuditedInstances instances, EventSource eventSource, EventResult eventResult)
        {
            if (!AuditingEnabled)
            {
                return;
            }

            try
            {
                var aeTitlesArray = ToArray(aeTitles);
                foreach (var patient in instances.EnumeratePatients())
                {
                    var auditHelper = new DicomInstancesAccessedAuditHelper(eventSource, eventResult, EventIdentificationContentsEventActionCode.D);
                    auditHelper.AddUser(eventSource);
                    if (aeTitlesArray.Length > 0)
                    {
                        auditHelper.AddUser(new AuditProcessActiveParticipant(aeTitlesArray));
                    }
                    auditHelper.AddPatientParticipantObject(patient);
                    foreach (var study in instances.EnumerateStudies(patient))
                    {
                        auditHelper.AddStudyParticipantObject(study);
                    }
                    Log(auditHelper);
                }
            }
            catch (Exception ex)
            {
                Platform.Log(LogLevel.Warn, ex, _messageAuditFailed);
            }
        }
Esempio n. 6
0
        /// <summary>
        /// Generates a "DICOM Instances Transferred" received event in the audit log, according to DICOM Supplement 95.
        /// </summary>
        /// <remarks>
        /// This method automatically separates different patients into separately logged events, as required by DICOM.
        /// </remarks>
        /// <param name="localAETitle">The local application entity to which the transfer was completed.</param>
        /// <param name="remoteAETitle">The application entity from which the transfer was completed.</param>
        /// <param name="remoteHostName">The hostname of the application entity from which the transfer was completed.</param>
        /// <param name="instances">The studies that were transferred.</param>
        /// <param name="eventSource">The source user or application entity which invoked the operation.</param>
        /// <param name="eventResult">The result of the operation.</param>
        /// <param name="action">The action taken on the studies that were transferred.</param>
        public static void LogReceivedInstances(string localAETitle, string remoteAETitle, string remoteHostName, AuditedInstances instances, EventSource eventSource, EventResult eventResult, EventReceiptAction action)
        {
            if (!AuditingEnabled)
            {
                return;
            }

            try
            {
                foreach (var patient in instances.EnumeratePatients())
                {
                    var auditHelper = new DicomInstancesTransferredAuditHelper(eventSource, eventResult, action,
                                                                               remoteAETitle ?? localAETitle, remoteHostName ?? LocalHostname, localAETitle, LocalHostname);
                    foreach (var study in instances.EnumerateStudies(patient))
                    {
                        auditHelper.AddStudyParticipantObject(study);
                    }
                    Log(auditHelper);
                }
            }
            catch (Exception ex)
            {
                Platform.Log(LogLevel.Warn, ex, _messageAuditFailed);
            }
        }
Esempio n. 7
0
        /// <summary>
        /// Generates a "Data Export" event in the audit log, according to DICOM Supplement 95.
        /// </summary>
        /// <remarks>
        /// One audit event is generated for each file system volume to which data is exported.
        /// If the audited instances are not on a file system, a single event is generated with an empty media identifier.
        /// </remarks>
        /// <param name="instances">The files that were exported.</param>
        /// <param name="eventSource">The source user or application entity which invoked the operation.</param>
        /// <param name="currentAE">The current DICOM AE performing the operation.</param>
        /// <param name="eventResult">The result of the operation.</param>
        public static void LogExportStudies(AuditedInstances instances, EventSource eventSource, EventSource currentAE, EventResult eventResult)
        {
            if (!AuditingEnabled)
            {
                return;
            }

            try
            {
                var fileVolumes = new List <string>(instances.EnumerateFileVolumes());
                if (fileVolumes.Count == 0)
                {
                    fileVolumes.Add(string.Empty);
                }

                foreach (var volume in fileVolumes)
                {
                    var auditHelper = new DataExportAuditHelper(eventSource, eventResult, volume);
                    auditHelper.AddExporter(eventSource);
                    if (eventSource != currentAE)
                    {
                        auditHelper.AddExporter(currentAE);
                    }
                    foreach (var patient in instances.EnumeratePatients())
                    {
                        auditHelper.AddPatientParticipantObject(patient);
                    }
                    foreach (var study in instances.EnumerateStudies())
                    {
                        auditHelper.AddStudyParticipantObject(study);
                    }
                    Log(auditHelper);
                }
            }
            catch (Exception ex)
            {
                Platform.Log(LogLevel.Warn, ex, _messageAuditFailed);
            }
        }
Esempio n. 8
0
        /// <summary>
        /// Generates an (issued) "Query" event in the audit log, according to DICOM Supplement 95.
        /// </summary>
        /// <param name="localAETitle">The local application entity making the query.</param>
        /// <param name="remoteAETitle">The application entity on which the query is taking place.</param>
        /// <param name="remoteHostName">The hostname of the application entity on which the query is taking place.</param>
        /// <param name="eventSource">The source user or application entity which invoked the operation.</param>
        /// <param name="currentAE">The current DICOM AE performing the operation.</param>
        /// <param name="eventResult">The result of the operation.</param>
        /// <param name="sopClassUid">The SOP Class Uid of the type of DICOM Query being issued</param>
        /// <param name="ds">The dataset containing the DICOM query being issued</param>
        public static void LogQueryIssued(string localAETitle, string remoteAETitle, string remoteHostName, EventSource eventSource, EventSource currentAE, EventResult eventResult, string sopClassUid, DicomAttributeCollection ds)
        {
            if (!AuditingEnabled)
            {
                return;
            }

            try
            {
                var auditHelper = new QueryAuditHelper(eventSource, eventResult,
                                                       localAETitle, LocalHostname, remoteAETitle ?? localAETitle,
                                                       remoteHostName ?? LocalHostname,
                                                       sopClassUid, ds);
                if (eventSource != currentAE)
                {
                    auditHelper.AddOtherParticipant(currentAE);
                }
                Log(auditHelper);
            }
            catch (Exception ex)
            {
                Platform.Log(LogLevel.Warn, ex, _messageAuditFailed);
            }
        }
Esempio n. 9
0
        /// <summary>
        /// Generates a "User Authentication" logout event in the audit log, according to DICOM Supplement 95.
        /// </summary>
        /// <param name="username">The username or asserted username of the account that was logged out.</param>
        /// <param name="authenticationServer">The authentication server against which the operation was performed.</param>
        /// <param name="eventResult">The result of the operation.</param>
        /// <param name="sessionId">The ID of the session that is being logged out.</param>
        public static void LogLogout(string username, string sessionId, EventSource authenticationServer, EventResult eventResult)
        {
            if (!AuditingEnabled)
            {
                return;
            }

            try
            {
                var currentProcess = EventSource.GetUserEventSource(LocalHostname);                 // record that the current process is the one that identified the authentication event
                var auditHelper    = new UserAuthenticationAuditHelper(currentProcess, eventResult, UserAuthenticationEventType.Logout);
                auditHelper.AddUserParticipant(new AuditPersonActiveParticipant(username, string.Empty, username));
                if (authenticationServer != null)
                {
                    auditHelper.AddNode(authenticationServer);
                }

                Log(auditHelper, username, sessionId);
            }
            catch (Exception ex)
            {
                Platform.Log(LogLevel.Warn, ex, _messageAuditFailed);
            }
        }
Esempio n. 10
0
 /// <summary>
 /// Generates a "User Authentication" logout event in the audit log, according to DICOM Supplement 95.
 /// </summary>
 /// <param name="username">The username or asserted username of the account that was logged out.</param>
 /// <param name="eventResult">The result of the operation.</param>
 /// <param name="sessionId">The ID of the session that is being logged out.</param>
 public static void LogLogout(string username, string sessionId, EventResult eventResult)
 {
     LogLogout(username, sessionId, null, eventResult);
 }
Esempio n. 11
0
        /// <summary>
        /// Generates a (received) "Query" event in the audit log, according to DICOM Supplement 95.
        /// </summary>
        /// <param name="localAETitle">The local application entity receiving the query.</param>
        /// <param name="remoteAETitle">The application entity that issued the query.</param>
        /// <param name="remoteHostName">The hostname of the application entity that issued the query.</param>
        /// <param name="currentAE">The current DICOM AE performing the operation.</param>
        /// <param name="eventResult">The result of the operation.</param>
        /// <param name="sopClassUid">The SOP Class Uid of the type of DICOM Query being received.</param>
        /// <param name="ds">The dataset containing the DICOM query received.</param>
        public static void LogQueryReceived(string localAETitle, string remoteAETitle, string remoteHostName, EventSource currentAE, EventResult eventResult, string sopClassUid, DicomAttributeCollection ds)
        {
            if (!AuditingEnabled)
                return;

            try
            {
                var auditHelper = new QueryAuditHelper(currentAE, eventResult,
                                                       remoteAETitle ?? localAETitle, remoteHostName ?? LocalHostname, localAETitle, LocalHostname,
                                                       sopClassUid, ds);
                Log(auditHelper);
            }
            catch (Exception ex)
            {
                Platform.Log(LogLevel.Warn, ex, _messageAuditFailed);
            }
        }
Esempio n. 12
0
        /// <summary>
        /// Generates a "User Authentication" login event in the audit log, according to DICOM Supplement 95,
        /// and a "Security Alert" event if the operation failed.
        /// </summary>
        /// <param name="username">The username or asserted username of the account that was logged in.</param>
        /// <param name="authenticationServer">The authentication server against which the operation was performed.</param>
        /// <param name="eventResult">The result of the operation.</param>
        public static void LogLogin(string username, EventSource authenticationServer, EventResult eventResult)
        {
            if (!AuditingEnabled)
                return;

            try
            {
                var currentProcess = EventSource.GetUserEventSource(LocalHostname); // record that the current process is the one that identified the authentication event
                var auditHelper = new UserAuthenticationAuditHelper(currentProcess, eventResult, UserAuthenticationEventType.Login);
                auditHelper.AddUserParticipant(new AuditPersonActiveParticipant(username, string.Empty, username));
                if (authenticationServer != null)
                    auditHelper.AddNode(authenticationServer);

                Log(auditHelper);

                if (eventResult != EventResult.Success)
                {
                    var alertAuditHelper = new SecurityAlertAuditHelper(currentProcess, eventResult, SecurityAlertEventTypeCodeEnum.NodeAuthentication);
                    alertAuditHelper.AddReportingUser(currentProcess);
                    alertAuditHelper.AddActiveParticipant(new AuditPersonActiveParticipant(username, string.Empty, username));
                    Log(alertAuditHelper);
                }
            }
            catch (Exception ex)
            {
                Platform.Log(LogLevel.Warn, ex, _messageAuditFailed);
            }
        }